You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2018/06/04 18:15:04 UTC
[airavata-django-portal] 02/04: AIRAVATA-2794 Load GatewayGroups
and if user is in Admins or Read Only Admins
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
commit f98c93e4a05ead483ab0bd0f6e22d99dc8df101a
Author: Marcus Christie <ma...@iu.edu>
AuthorDate: Tue May 22 16:27:34 2018 -0400
AIRAVATA-2794 Load GatewayGroups and if user is in Admins or Read Only Admins
---
django_airavata/apps/auth/middleware.py | 42 +++++++++++++++++++++++++++++++++
django_airavata/settings.py | 3 +++
2 files changed, 45 insertions(+)
diff --git a/django_airavata/apps/auth/middleware.py b/django_airavata/apps/auth/middleware.py
index 4f4a452..54182b1 100644
--- a/django_airavata/apps/auth/middleware.py
+++ b/django_airavata/apps/auth/middleware.py
@@ -1,8 +1,14 @@
"""Django Airavata Auth Middleware."""
+import copy
+import logging
+
+from django.conf import settings
from django.contrib.auth import logout
from . import utils
+log = logging.getLogger(__name__)
+
def authz_token_middleware(get_response):
"""Automatically add the 'authz_token' to the request."""
@@ -21,3 +27,39 @@ def authz_token_middleware(get_response):
return get_response(request)
return middleware
+
+
+def gateway_groups_middleware(get_response):
+ """Add 'is_gateway_admin' and 'is_read_only_gateway_admin' to request."""
+ def middleware(request):
+
+ if not request.user.is_authenticated or not request.authz_token:
+ return get_response(request)
+
+ try:
+ # Load the GatewayGroups and check if user is in the Admins and/or
+ # Read Only Admins groups
+ if not request.session.get('GATEWAY_GROUPS'):
+ gateway_groups = request.airavata_client.getGatewayGroups(
+ request.authz_token)
+ gateway_groups_dict = copy.deepcopy(gateway_groups.__dict__)
+ request.session['GATEWAY_GROUPS'] = gateway_groups_dict
+ gateway_groups = request.session['GATEWAY_GROUPS']
+ admins_group_id = gateway_groups['adminsGroupId']
+ read_only_admins_group_id = gateway_groups['readOnlyAdminsGroupId']
+ group_manager_client = request.profile_service[
+ 'group_manager']
+ group_memberships = group_manager_client.getAllGroupsUserBelongs(
+ request.authz_token, request.user.username + "@" + settings.GATEWAY_ID)
+ group_ids = [group.id for group in group_memberships]
+ request.is_gateway_admin = admins_group_id in group_ids
+ request.is_read_only_gateway_admin = \
+ read_only_admins_group_id in group_ids
+ except Exception as e:
+ log.error("Failed to set is_gateway_admin, "
+ "is_read_only_gateway_admin for user", exc_info=e)
+ request.is_gateway_admin = False
+ request.is_read_only_gateway_admin = False
+
+ return get_response(request)
+ return middleware
diff --git a/django_airavata/settings.py b/django_airavata/settings.py
index e857e8e..ee566b7 100644
--- a/django_airavata/settings.py
+++ b/django_airavata/settings.py
@@ -57,6 +57,9 @@ MIDDLEWARE = [
'django_airavata.middleware.airavata_client',
# 'django_airavata.middleware.sharing_client',
'django_airavata.middleware.profile_service_client',
+ # Needs to come after authz_token_middleware, airavata_client and
+ # profile_service_client
+ 'django_airavata.apps.auth.middleware.gateway_groups_middleware',
]
ROOT_URLCONF = 'django_airavata.urls'
--
To stop receiving notification emails like this one, please contact
machristie@apache.org.